Using Django-Registration-Redux here. The activation email with a link is being send perfectly and I've adjusted the template for the email.
But I'm wondering if someone can give an example code of how to communicate the Username they just created in this email. {{}} and what settings to adjust.
Thank you in advance!
The user variable is available in the context of the activation email template. So to output username just add this code: {{ user.username }}.
Related
I am using active directory login authentication for my django web application. So there is no need of change password link in admin site.
I have searched lot of article, but I haven't found any thing to hide change password link.
So what is the way of hiding change password link from admin?
You don't need to override admin template.
If user.has_usable_password() returns False, then Django will not display change password URL for that user.
user.has_usable_password()can be made to return False by calling user.set_unusable_password().
From docs:
set_unusable_password()
Marks the user as having no password set. This isn’t the same as having a blank string for a password. check_password() for this user will never return True. Doesn’t save the User object.
You may need this if authentication for your application takes place against an existing external source such as an LDAP directory.
has_usable_password()
Returns False if set_unusable_password() has been called for this user.
Source code for condition filter in Django base admin template:
{% if user.has_usable_password %}
{% translate 'Change password' %}
{% endif %}
In Django, you can define form classes and have templates render them according to the class fields. However, how do you securely pass in information about the user who submitted the form into the view?
For instance, you can manually hard-code the user into a form field in a template with
{{ request.user.username }}
However, couldn't anyone just submit their own post request to the form url with any user they wanted in this case?
Is there a "Django approach" to prevent the scenario above from happening and to have the view retrieve information about the user who submitted the form?
To securely track the submitter of the form, you can require that a user is logged in in order to submit the form.
As kathikr mentioned, you can use #login_required decorator to ensure that a user is logged in to submit the form. Then you can rely on request.user to determine the logged in user.
The contrib apps “django.contrib.auth” and “django.contrib.sessions” are the standard Django way of doing this.
Have a read through the documentation on the “auth” app in particular:
https://docs.djangoproject.com/en/dev/topics/auth/default/
As the title indicates, I would like to know how to do to distinguish a user that is logged in with facebook from a user that is logged in by mail. I'm using django-facebook.
It seems that
request.user.is_authenticated()
is for every kind of authentification.
Any help would be welcome,
I think you can check if request.user has a FacebookProfile:
{% if request.user.facebookprofile %}user has facebook profile{% endif %}
Or in python:
if request.user.facebookprofile_id:
print 'has facebookprofile'
I am developing a web based application in which i need to update the password and is_staff status of a user from Admin(template) page. To do this i created a template which are showing the list of all registered users. see the template:
{% for obj in users_list.object_list %}
<tr class="{% cycle 'odd' 'even' %}">
<td>{{obj}}</td>
<td>{{obj.first_name}}</td>
<td>{{obj.last_name}}</td>
<td>{{obj.email}}</td>
<td>{{obj.is_staff}}</td>
The above code showing the list of all users includes their Full name, Email and is_staff status. What i want, when admin will click on the user name (i uses the href attributes). It will get the option to update the password and is_staff status for a clicked user at open page.
To do this i am not able to find out how to pass the id of user in following line. I tried with user.pk but it always given 1 to me. May be it is returning the current loginned user id but the loginned user is super user also:
<td>{{obj.first_name}}</td>
The reference to the user is obj, not user. So obj.pk should work.
I am using django_registration v0.8 and using the docs here: http://readthedocs.org/docs/django-registration/en/latest/index.html
I have successfully installed the app, and I am using the default backend for my registration purposes.
I have tested this and I can get the form to show up properly at '/accounts/register'
However, one problem is that if I try and break the form input (different password1 and password2 or improper username), no validation errors are being invoked.
The issue also, is that the username, email, and password data is not being stored in auth_user, and the activation email isn't being sent.
From the default backend doc, "During registration, a new instance of django.contrib.auth.models.User is created to represent the new account, with the is_active field set to False. An email is then sent to the email address of the account, containing a link the user must click to activate the account; at that point the is_active field is set to True, and the user may log in normally."
I believe this new instance of django.contrib.auth.models.User is not being created.
I have also included the necessary email settings:
EMAIL_USE_TLS = True
EMAIL_HOST = "smtp.gmail.com"
EMAIL_HOST_USER = "Email"
EMAIL_HOST_PASSWORD = "Password"
EMAIL_PORT = 587
Any help on getting this straight? I am pretty sure I am missing something simple, but been trying to figure it out without any progress. Any help is greatly appreciated.
Sounds like the form is actually catching the error but you're just not seeing it. Do you have any code in your template that's checking for form errors? Something like the following could help you see if an error has occured:
{% if form.errors %}
<div class="lead">
<h3 class="error">
Please correct the error{{ form.errors|pluralize }} below.
</h3>
</div>
{% endif %}